Add ability to not configure EC2 endpoint
As EC2 api can be disabled by removing it from enabled_apis in nova::api, this patch adds the ability to not configure the EC2 service and endpoint in keystone. Change-Id: I97790cc44418a00696cf294158ce47511fdc1918
This commit is contained in:
Mathieu Gagné
@@ -1,19 +1,20 @@
|
|||||||
class nova::keystone::auth(
|
class nova::keystone::auth(
|
||||||
$password,
|
$password,
|
||||||
$auth_name = 'nova',
|
$auth_name = 'nova',
|
||||||
$public_address = '127.0.0.1',
|
$public_address = '127.0.0.1',
|
||||||
$admin_address = '127.0.0.1',
|
$admin_address = '127.0.0.1',
|
||||||
$internal_address = '127.0.0.1',
|
$internal_address = '127.0.0.1',
|
||||||
$compute_port = '8774',
|
$compute_port = '8774',
|
||||||
$volume_port = '8776',
|
$volume_port = '8776',
|
||||||
$ec2_port = '8773',
|
$ec2_port = '8773',
|
||||||
$compute_version = 'v2',
|
$compute_version = 'v2',
|
||||||
$volume_version = 'v1',
|
$volume_version = 'v1',
|
||||||
$region = 'RegionOne',
|
$region = 'RegionOne',
|
||||||
$tenant = 'services',
|
$tenant = 'services',
|
||||||
$email = 'nova@localhost',
|
$email = 'nova@localhost',
|
||||||
$cinder = false,
|
$configure_ec2_endpoint = true,
|
||||||
$public_protocol = 'http'
|
$cinder = false,
|
||||||
|
$public_protocol = 'http'
|
||||||
) {
|
) {
|
||||||
|
|
||||||
keystone_user { $auth_name:
|
keystone_user { $auth_name:
|
||||||
@@ -52,16 +53,17 @@ class nova::keystone::auth(
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
keystone_service { "${auth_name}_ec2":
|
if $configure_ec2_endpoint {
|
||||||
ensure => present,
|
keystone_service { "${auth_name}_ec2":
|
||||||
type => 'ec2',
|
ensure => present,
|
||||||
description => 'EC2 Service',
|
type => 'ec2',
|
||||||
|
description => 'EC2 Service',
|
||||||
|
}
|
||||||
|
keystone_endpoint { "${region}/${auth_name}_ec2":
|
||||||
|
ensure => present,
|
||||||
|
public_url => "${public_protocol}://${public_address}:${ec2_port}/services/Cloud",
|
||||||
|
admin_url => "http://${admin_address}:${ec2_port}/services/Admin",
|
||||||
|
internal_url => "http://${internal_address}:${ec2_port}/services/Cloud",
|
||||||
|
}
|
||||||
}
|
}
|
||||||
keystone_endpoint { "${region}/${auth_name}_ec2":
|
|
||||||
ensure => present,
|
|
||||||
public_url => "${public_protocol}://${public_address}:${ec2_port}/services/Cloud",
|
|
||||||
admin_url => "http://${admin_address}:${ec2_port}/services/Admin",
|
|
||||||
internal_url => "http://${internal_address}:${ec2_port}/services/Cloud",
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -2,11 +2,11 @@ require 'spec_helper'
|
|||||||
|
|
||||||
describe 'nova::keystone::auth' do
|
describe 'nova::keystone::auth' do
|
||||||
|
|
||||||
describe 'with defaults' do
|
let :params do
|
||||||
|
{:password => 'nova_password'}
|
||||||
|
end
|
||||||
|
|
||||||
let :params do
|
context 'with default parameters' do
|
||||||
{:password => 'nova_password'}
|
|
||||||
end
|
|
||||||
|
|
||||||
it { should contain_keystone_user('nova').with(
|
it { should contain_keystone_user('nova').with(
|
||||||
:ensure => 'present',
|
:ensure => 'present',
|
||||||
@@ -59,10 +59,9 @@ describe 'nova::keystone::auth' do
|
|||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'when setting auth name' do
|
context 'when setting auth name' do
|
||||||
|
before do
|
||||||
let :params do
|
params.merge!( :auth_name => 'foo' )
|
||||||
{:password => 'nova_password', :auth_name => 'foo' }
|
|
||||||
end
|
end
|
||||||
|
|
||||||
it { should contain_keystone_user('foo').with(
|
it { should contain_keystone_user('foo').with(
|
||||||
@@ -95,25 +94,9 @@ describe 'nova::keystone::auth' do
|
|||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'when setting password' do
|
context 'when overriding endpoint params' do
|
||||||
|
before do
|
||||||
let :params do
|
params.merge!(
|
||||||
{ :password => 'pass'}
|
|
||||||
end
|
|
||||||
|
|
||||||
it { should contain_keystone_user('nova').with(
|
|
||||||
:ensure => 'present',
|
|
||||||
:password => 'pass'
|
|
||||||
) }
|
|
||||||
|
|
||||||
end
|
|
||||||
|
|
||||||
|
|
||||||
describe 'when overriding endpoint params' do
|
|
||||||
|
|
||||||
let :params do
|
|
||||||
{
|
|
||||||
:password => 'nova_password',
|
|
||||||
:public_address => '10.0.0.1',
|
:public_address => '10.0.0.1',
|
||||||
:admin_address => '10.0.0.2',
|
:admin_address => '10.0.0.2',
|
||||||
:internal_address => '10.0.0.3',
|
:internal_address => '10.0.0.3',
|
||||||
@@ -123,7 +106,7 @@ describe 'nova::keystone::auth' do
|
|||||||
:volume_version => 'v2.1',
|
:volume_version => 'v2.1',
|
||||||
:compute_version => 'v2.2',
|
:compute_version => 'v2.2',
|
||||||
:region => 'RegionTwo'
|
:region => 'RegionTwo'
|
||||||
}
|
)
|
||||||
end
|
end
|
||||||
|
|
||||||
it { should contain_keystone_endpoint('RegionTwo/nova').with(
|
it { should contain_keystone_endpoint('RegionTwo/nova').with(
|
||||||
@@ -149,4 +132,13 @@ describe 'nova::keystone::auth' do
|
|||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe 'when disabling EC2 endpoint' do
|
||||||
|
before do
|
||||||
|
params.merge!( :configure_ec2_endpoint => false )
|
||||||
|
end
|
||||||
|
|
||||||
|
it { should_not contain_keystone_service('nova_ec2') }
|
||||||
|
it { should_not contain_keystone_endpoint('RegionOne/nova_ec2') }
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|||||||
Reference in New Issue
Block a user